US2023146558A1PendingUtilityA1
Secure Pairing for Payment Devices
Est. expiryNov 7, 2041(~15.3 yrs left)· nominal 20-yr term from priority
H04L 9/3263H04L 9/0841H04L 9/0825G06Q 20/401G06Q 2220/00G06Q 20/20H04L 2209/56G06Q 20/38215G06Q 20/204G06Q 20/206
42
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
At least one of a user-buyer device or a point of sale (POS) device having a UI (user interface) is configured with hardware, software, or algorithmic protocols, configurations, and safeguards that combat attempted unauthorized activity and theft by malicious attackers. Such configurations are in place to safeguard transactions between an authenticated buyer-user device and a POS device. Using digital certificates at one or both of the POS device or buyer device enables the other party to verify the other party and ensure that some malicious device has not intercepted communications or performed some man-in-the-middle attack.
Claims
exact text as granted — not AI-modifiedWhat is claimed:
1 . A user computing device, comprising:
one or more processors; and one or more hardware-based memory devices having instructions which, when executed by the one or more processors, cause the sending computing device to: establish a connection with a point of sale (POS) device to initiate a transaction; transmit a public key to the POS device to initiate a verification process; verify a digital certificate associated with the POS device responsive to transmitting the public key; and upon verifying the POS device's digital certificate, authorize execution of the transaction.
2 . The user computing device of claim 1 , wherein the user computing device is configured with a digital certificate distinct from the POS device's digital certificate, in which the user computing ‘device’s digital certificate enables the POS device to authenticate the user computing device.
3 . The user computing device of claim 2 , wherein the user computing ‘device’s digital certificate is further configured with information unique to the user computing device or the unique user of the user computing device.
4 . The user computing device of claim 3 , wherein the information includes any one or more of a unique PIN (personal identification code), user biometrics, user date of birth, user name, or user phone number.
5 . The user computing device of claim 4 , wherein the information is transmitted to the POS device with the digital certificate.
6 . The user computing device of claim 5 , wherein the POS device's UI (user interface) exposes the received information associated with the user computing ‘device’s digital certificate for user verification.
7 . The user computing device of claim 2 , further comprising a physical stamp that is uniquely associated with and identifies the digital certificate associated with the user computing device.
8 . The user computing device of claim 1 , further comprising a button, in which the execution of the transaction occurs after the user presses the button and the POS device's digital certificate is verified.
9 . One or more hardware-based memory devices storing computer-executable instructions which, when executed by one or more processors associated with a user computing device, cause the sending computing device to:
establish a connection with a point of sale (POS) device to initiate a transaction; transmit a public key to the POS device to initiate a verification process; verify a digital certificate associated with the POS device responsive to transmitting the public key; and upon verifying the POS device's digital certificate, authorize execution of the transaction.
10 . The one or more hardware-based memory devices of claim 9 , wherein the user computing device is configured with a digital certificate distinct from the POS device's digital certificate, in which the user computing ‘device’s digital certificate enables the POS device to authenticate the user computing device.
11 . The one or more hardware-based memory devices of claim 10 , wherein the user computing ‘device’s digital certificate is further configured with information unique to the user computing device or the unique user of the user computing device.
12 . The one or more hardware-based memory devices of claim 11 , wherein the information includes any one or more of a unique PIN (personal identification code), user biometrics, user date of birth, user name, or user phone number.
13 . The one or more hardware-based memory devices of claim 12 , wherein the information is transmitted to the POS device with the digital certificate.
14 . The one or more hardware-based memory devices of claim 13 , wherein the POS device's UI (user interface) exposes the received information associated with the user computing ‘device’s digital certificate for user verification.
15 . The one or more hardware-based memory devices of claim 10 , further comprising a physical stamp that is uniquely associated with and identifies the digital certificate associated with the user computing device.
16 . The one or more hardware-based memory devices of claim 9 , further comprising a button, in which the execution of the transaction occurs after the user presses the button and the POS device's digital certificate is verified.
17 . A method performed by a user computing device, comprising:
establishing a connection with a point of sale (POS) device to initiate a transaction; transmitting a public key to the POS device to initiate an authentication process; upon the POS device authenticating the user device receiving a public key from the POS device for authentication purposes; verifying the received public key indicates the POS device is authenticated with a payment service provider; and upon verifying the POS device is authenticated with the payment service provider, authorizing execution of the transaction.
18 . The method of claim 17 , wherein the user computing device is configured with a digital certificate distinct from the POS device's digital certificate, in which the user computing ‘device’s digital certificate enables the POS device to authenticate the user computing device.
19 . The method of claim 18 , wherein the user computing ‘device’s digital certificate is further configured with information unique to the user computing device or the unique user of the user computing device.
20 . The method of claim 17 , wherein subsequent communications between the user device and the POS device are performed using a Diffie-Hellman key exchange based on the exchanged public keys.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.